[Oisf-devel] [COMMIT] OISF branch, master-3.2.x, updated. suricata-3.2.3

OISF Git noreply at openinfosecfoundation.org
Thu Jul 13 13:50:17 UTC 2017

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master-3.2.x has been updated
       via  aa9264987f4d39d5945ff822d6b8b5bcbca2822e (commit)
       via  53d8e2983162a99d1946ae27283ef1d1871fb5a1 (commit)
       via  257db74f8938e6c6aa9bf2806cd1991cc8dab4da (commit)
       via  c9077093528f841ecfdbb1b9487cc8f6f04f79cc (commit)
       via  f77412dce5c202298dc1fd0e53a251e839b3790b (commit)
       via  a73e84ea50367db4e699f043926169501840b176 (commit)
       via  82e1af58cc43147deaa1596b238bc9386a6d128e (commit)
      from  9d3a99bf0b95f938f84c924e112a9904e84b6765 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit aa9264987f4d39d5945ff822d6b8b5bcbca2822e
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Jul 12 16:51:19 2017 +0200

    changelog: update for 3.2.3 release

commit 53d8e2983162a99d1946ae27283ef1d1871fb5a1
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Jul 10 10:15:54 2017 +0200

    der/asn1: limit recursion
    Limit the number of recursive calls in the DER/ASN.1 decoder to avoid
    stack overflows.
    Found using AFL.

commit 257db74f8938e6c6aa9bf2806cd1991cc8dab4da
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Jul 10 14:33:09 2017 +0200

    stream: don't reset state on syn/ack resend
    Bug #1958.
    The reset was originally created for issue #523, but that works
    well without the reset as well.

commit c9077093528f841ecfdbb1b9487cc8f6f04f79cc
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Jul 13 10:04:47 2017 +0200

    radix: fix risky malloc call
    GCC7 said:
      CC       util-radix-tree.o
    In file included from util-debug-filters.h:29:0,
                     from util-debug.h:34,
                     from suricata-common.h:421,
                     from util-radix-tree.c:26:
    util-radix-tree.c: In function ‘SCRadixAddKey’:
    util-mem.h:177:12: error: argument 1 range [18446744071562067968, 18446744073709551615] exceeds maximum object size 9223372036854775807 [-Werror=alloc-size-larger-than=]
         ptrmem = malloc((a)); \
    util-radix-tree.c:749:42: note: in expansion of macro ‘SCMalloc’
                 if ( (inter_node->netmasks = SCMalloc((node->netmask_cnt - i) *
    In file included from suricata-common.h:69:0,
                     from util-radix-tree.c:26:
    /usr/include/stdlib.h:443:14: note: in a call to allocation function ‘malloc’ declared here
     extern void *malloc (size_t __size) __THROW __attribute_malloc__ __wur;
    scan-build said:
    util-radix-tree.c:749:42: warning: Call to 'malloc' has an allocation size of 0 bytes
                if ( (inter_node->netmasks = SCMalloc((node->netmask_cnt - i) *
    ./util-mem.h:177:14: note: expanded from macro 'SCMalloc'
        ptrmem = malloc((a)); \
    1 warning generated.

commit f77412dce5c202298dc1fd0e53a251e839b3790b
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Jul 13 09:57:40 2017 +0200

    gcc7: fix format-truncation warnings in runmodes
    util-runmodes.c: In function ‘RunModeSetIPSAutoFp’:
    util-runmodes.c:496:40: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
             snprintf(qname, sizeof(qname), "pickup%d", thread+1);
    util-runmodes.c:496:9: note: ‘snprintf’ output between 8 and 17 bytes into a destination of size16
             snprintf(qname, sizeof(qname), "pickup%d", thread+1);
    Solved by reducing 'thread' to a uint16_t and limiting the max
    thread count to 1024.

commit a73e84ea50367db4e699f043926169501840b176
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Jul 13 09:06:39 2017 +0200

    gcc7: fix format truncation warning
    detect-rpc.c: In function ‘DetectRpcParse’:
    detect-rpc.c:225:50: error: ‘%s’ directive argument is null [-Werror=format-truncation=]
                     SCLogError(SC_ERR_INVALID_VALUE, "invalid rpc option %s",args[i]);
    util-debug.h:239:77: note: in definition of macro ‘SCLogErr’
                 int _sc_log_ret = snprintf(_sc_log_msg, SC_LOG_MAX_LOG_MSG_LEN, __VA_ARGS__);   \
    detect-rpc.c:225:17: note: in expansion of macro ‘SCLogError’
                     SCLogError(SC_ERR_INVALID_VALUE, "invalid rpc option %s",args[i]);

commit 82e1af58cc43147deaa1596b238bc9386a6d128e
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Jul 12 18:44:33 2017 +0200

    gcc7: fixes for format string warnings
    GCC 7.1.1 on Fedora gave several warnings with -Wimplicit-fallthrough
    and -Wformat-truncation
    This patch addresses the warnings.


Summary of changes:
 ChangeLog               |   8 ++++
 src/app-layer-ssl.c     |   7 ++++
 src/detect-rpc.c        |  14 +++----
 src/log-httplog.c       |   4 +-
 src/log-pcap.c          |  28 ++++++++++----
 src/runmode-erf-file.c  |  10 +++--
 src/runmode-pcap-file.c |   8 ++--
 src/runmode-unittests.h |   1 +
 src/stream-tcp.c        |   4 --
 src/util-debug.h        |   8 +++-
 src/util-decode-der.c   |   5 +++
 src/util-hash-lookup3.c | 100 ++++++++++++++++++++++++------------------------
 src/util-radix-tree.c   |  23 +++++------
 src/util-runmodes.c     |  21 ++++++----
 14 files changed, 141 insertions(+), 100 deletions(-)


More information about the Oisf-devel mailing list